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DETAILED ACTION 

1 . This Office Action is in response to an AMENDMENT entered Feb 01 , 2008 for 
the patent application 10/679606 filed on Oct 02, 2003. 

2. All prior office actions are fully incorporated into this Office Action by reference. 

Status of Claims 

3. Claims 1-2 and 5-24 are pending. Claims 3-4 are 25-32 are canceled. 

Allowable Subject Matter 

4. Claims 19, 21 and 22 are objected to as being dependent upon a rejected base 
claim, but would be allowable if rewritten in independent form including all of the 
limitations of the base claim and any intervening claims. 



Claim Rejections - 35 USC § 103 

5. The following is a quotation of 35 U.S.C. 1 03(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 
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6. Claims 1 -2 and 5-1 8 and 20, 23-24 are rejected under 35 U.S.C. 1 03(a) as being 
unpatentable over Sturdy (USPN 2003/0158963, referred to as Sturdy), and further in 
view of Nefian (USPN 2004/0002863, referred to as Nefian). 

Claim 1: 

Sturdy teaches a method for network defense (Sturdy, U 0013: tactical datalink 
applications ... used by the military), comprising the steps of: 

detecting mission events (Sturdy, U 0025: military missions) by processing 
communications packets and traffic streams (Sturdy, U 0013: military communications 
systems); 

forming mission tracks by processing said mission events (Sturdy, U 0037: 
tactical and mission data; EN: forming mission tracks is an outcome of processing 
mission data); 

determining active mission types, using said mission events (Sturdy, U 0033: 
mission computer); 

estimating mission sensitivities by processing said mission tracks (Sturdy, U 
0033: military unique functions); 

prioritizing network operations (Sturdy, Abstract: message priority management) 
by processing said mission sensitivities (Sturdy, Abstract: improving mission 
effectiveness); and 

correlating network alarms to missions by processing said mission sensitivities 
(Sturdy, U 0081 : NETWORK CONFIGURATION AND STATUS functions; EN: The 
status functions compute status values based on correlating network alarms to mission 
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functions; H 0038: alerts for the pilot), wherein said steps include a database of dynamic 
and a priori information (Sturdy, U 0081 : stored data), 

wherein estimating mission sensitivities by processing said missiontracks 
comprises estimating mission sensitivities by processing said missiontracks comprises 
estimating mission sensitivity to network perturbations (Sturdy, U 0098: providing more 
robustness in message handling; EN: 'robustness' defines network perturbations), using 
mission tracks. 

Sturdy does not teach: 

determining state of each mission, using said mission events, including 
producing a mission state vector for each mission; 

However, Nefian teaches determining state of each mission, using said mission 
events, including producing a mission state vector for each mission (Nefian, Tf 0020: 
state vector describing the state of the hidden nodes). Sturdy and Nefian are from the 
same field of endeavor, handling data run on a network processor. It would have been 
obvious to one of ordinary skill in the art to have modified Sturdy's intelligent 
communications system with state vectors, for the benefit of manipulating and storing 
state information. 

Claim 2: 

Sturdy modified by Nafian teaches the method of claim 1 wherein detecting 
mission events by processing communications packets comprises of: 
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receiving said communications packets (Sturdy, H 0052: messages received 
from ... network paths); 

extracting said communicated information from said communication packets and 
traffic streams (Sturdy, If 0014: collection agents can be used to extract information); 

creating homogenous information packages, from said communicated 
information (Sturdy, U 0108: messages created by the onboard military applications); 
and 

detecting mission events (Sturdy, 1f 0025: military missions) by processing said 
homogeneous information package (Sturdy, H 0109: evaluating message); 

Claim 5: 

Sturdy modified by Nafian teaches the method of claim 1 , wherein prioritizing 
network operations by processing said mission sensitivities(Sturdy, Abstract: improving 
mission effectiveness) comprises ordering said list of network operations (Sturdy, H 
0106: list and descriptions) by comparing said mission sensitivities. 

Claim 6: 

Sturdy modified by Nafian teaches the method of claim 1 , wherein said 
correlating network alarms to missions by processing said mission sensitivities 
comprising creating a list of relationships between each network alarm (Sturdy, H 0038: 
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alerts for the pilot) and each mission using said mission sensitivity values (Sturdy, H 
0038: end system status). 

Claim 7: 

Sturdy modified by Nafian teaches the method of claim 1 , wherein network 
perturbations comprise modifications to network devices, protocols, policies, or 
architecture through network management courses of actions (Sturdy, U 0106: Network 
management; EN: the limitations are implicit within network management). 

Claim 8: 

Sturdy modified by Nafian teaches he method of claim 1 , wherein network 
perturbations comprise modifications to network devices, protocols, policies, or 
architecture through attacks on network devices, protocols, policies, or architecture 
(Sturdy, U 0106: Network Management and Message Distribution; EN: the limitations 
are implicit within network management). 

Claim 9: 

Sturdy teaches the method for network defense, comprising: 

Detecting mission events by processing communications packets and traffic 

streams (Sturdy, If 0049: ATN message management); 

forming mission tracks by processing said mission events (Sturdy, H 0025: 

military missions); 
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estimating mission sensitivities by processing said mission tracks (Sturdy, H 
0033: military unique functions); 

prioritizing network operations by processing said mission sensitivities (See 
claim 1, same rejections apply); 

and 

correlating network alarms to mission by processing said mission sensitivities 
See claim 1, same rejections apply), 

wherein said steps include a database of dynamic and a priori information, 

wherein the step of estimating mission sensitivities by processing said mission 
tracks comprises estimating mission sensitivity to network perturbations, using mission 
tracks See claim 1, same rejections apply), 

wherein said database of dynamic and a priori information comprises: 

providing a database of performance statistics and observation logs from earlier 
missions (Sturdy, H 0036: performance capability of the available military radios); 

providing a set of prespecified mission types (Sturdy, U 0020: types of data link 
messages; EN: 'types' of data links or radios define types of mission); 

for each mission type, providing a set of prespecified mission states (Sturdy, U 
0036: mission computer; EN: the limitations are implicit within a mission computer); 

for each mission type, providing a set of prespecified mission events (Sturdy, H 
0036: mission computer; EN: the limitations are implicit within a mission computer); 

providing a set of prespecified network perturbations (Sturdy, H 0106: Network 
management; EN: the limitations are implicit within network management); 
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providing a set of weighted mappings from network components to mission 
states (Sturdy, U 0036: mission computer; EN: the limitations are implicit within a 
mission computer); 

providing a set of mappings from network perturbations to network components 
(Sturdy, H 0106: Network management; EN: the limitations are implicit within network 
management); 

providing a set of prespecified network alarms (Sturdy, U 0038: alerts for the 

pilot); 

providing a rule base for updating, adapting, and modifying mission types, 
mission states, mission events, network perturbations, network alarms, and mappings 
using said performance statistics and observation logs (Sturdy, U 0106: Network 
management). 

Sturdy does not teach: 

providing a set of weighted mappings from network components to mission 
events. 

However, Nafian teaches providing a set of weighted mappings (Nafian, U weight 
associated) from network components to mission events (Sturdy, U 0036: mission 
computer). Sturdy and Nefian are from the same field of endeavor, handling data run on 
a network processor. It would have been obvious to one of ordinary skill in the art to 
have modified Sturdy's intelligent communications system with weighted mappings for 
the benefit of effective correlation between the network and the corresponding mission 
events. 
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Claim 10: 

Sturdy modified by Nafian teaches the method of claim 2, wherein said 
communicated information comprises packet source information, destination addresses 
and port information (Sturdy, If 0044: Link-16 mission information). 

Claim 11: 

Sturdy modified by Nafian teaches the method of claim 2, wherein the step of 
extracting said communicated information comprises scanning said communicated 
packets as an unstructured data stream (Sturdy, U 0083: scans messages received 
from various end systems). 

Claim 12: 

Sturdy modified by Nafian teaches the method of claim 2, wherein the step of 
extracting said communicated information comprises comparing traffic stream 
characteristics to known usage patterns (Sturdy, U 0083: Analyze data for TRENDS; 
EN: Trends' are the usage patterns). 

Claim 13: 

Sturdy modified by Nefian teaches the method of claim 3, wherein the active 
mission types are determined through the use of a HMM (Nefian, ^ 0013: hidden 
Markov model). It would have been obvious to one of ordinary skill in the art to have 
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modified Sturdy's intelligent communications system with HMM for the benefit of 
determining hidden mission types from the observable mission types. 

Claim 14: 

Sturdy modified by Nefian teaches the method of claim 3, wherein the state of 
each mission is determined through the use of a HMM (Nefian, 0013: hidden Markov 
model). It would have been obvious to one of ordinary skill in the art to have modified 
Sturdy's intelligent communications system with HMM for the benefit of determining 
hidden states from the observable states. 

Claim 15, 16: 

Sturdy modified by Nefian teaches the method of claim 13, wherein mission 
HMM component determination comprises combining performance statistics from earlier 
missions with an Operational Sequence Diagram (Nefian, If 0019: HMM with a 
sequence of states). It would have been obvious to one of ordinary skill in the art to 
have modified Sturdy's intelligent communications system with the combination 
performance of HMM with a sequence of states, for the benefit of achieving continuous 
observable states. 



Claim 17: 
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Sturdy modified by Nefian teaches the method of claim 3, wherein the step of 
determining said active mission types is performed inductively (Sturdy, If 0082: request 
is active ... to evaluate routing criteria; EN: To evaluate the routing criteria, the active 
requests would support the routing function without directly ensuring it, which is what 
inductive reasoning it). 

Claim 18: 

Sturdy modified by Nefian teaches the method of claim 17, wherein the step of 
determining said active mission types inductively, is through the use of a forward 
algorithm (Sturdy, If 0082; EN: The induction discussed in claim 17 is a forward 
algorithm because its flow is from request to routing). 

Claim 20: 

Sturdy modified by Nafian teaches the method of claim 1 , wherein said 
estimating mission sensitivity to network perturbations comprises using a closed-form 
expression to compute mission sensitivities (Sturdy, U 0036: computes the Actual 
Communication Performance (ACP) indicator; EN: The ACP is an explicit computation 
and hence a closed form). 



Claim 23: 
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Sturdy modified by Nafian teaches the method of claim 20, wherein said set of 
network perturbations comprises a set of alternative network operation COAs (Sturdy, If 
0106: Network management; EN: the limitations are implicit). 

Claim 24: 

Sturdy modified by Nafian teaches the method of claim 20, wherein said set of 
network perturbations comprises a set of attacks on network devices, protocols, 
policies, and architecture (Sturdy, 0106: Network management; EN: the limitations 
are implicit). 

Response to Arguments 

7. Applicant's arguments filed Feb 01 , 2008 have been fully considered but they are 
not persuasive. 

8. Applicant's argument regarding claim 1 on pages 7-8: 

Sturdy network fails to teach the network recited in amended independent claim 
1 in that the network of amended independent claim 1 recites "determining active 
mission types" and "determining state of each mission." 

Examiner's response : 

Sturdy teaches military missions (Sturdy, If 0025) and collecting status and faults 
(Sturdy, H 0037). The 'status' determines the state of a mission. Therefore, all 
limitations are met. 
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9. Applicant's argument regarding claim 1 on pages 8: 

Sturdy fails to teach "estimating mission sensitivity to network perturbations, 
using mission tracks." 

Examiner's response : 

Sturdy teaches estimating mission effectiveness and network management, 
specifically for military communication systems (Sturdy, Abstract and also If 0022). 
Also, Sturdy discusses robustness in message handling (Sturdy, If 0098). To provide 
'robustness', a system would be managing network perturbations effectively. 

1 0. Regarding applicant's argument on page 9: 

One of ordinary skill in the art would not equate 'determining the status of 
available military radios and determining active mission types and the state of the 
missions.' 

Examiner's response : 

The status of radios in the military context is based on message routing criteria 
such as, priority, security, urgency, message size etc. (Sturdy, U 001 1). The same 
factors determine the state of the missions. 

1 1 . Regarding applicant's argument on page 9: 

The combination of references Sturdy and Nefian that anticipates HMM is not 

appropriate. 

Examiner's response : 
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The rationale underlying the combination is that a simple substitution of 'a hidden 
Markov Model' or HMM as taught by Nefian into the network model for military missions, 
as disclosed by Sturdy's invention, yields the applicant's limitation regarding the use of 
HMM for determining mission types. 



Examination Considerations 

12. Examiner has cited particular columns and line numbers or paragraph numbers 
in the references applied to the claims above for the convenience of the applicant. 
Although the specified citations are representative of the teachings of the art and are 
applied to specific limitations within the individual claim, other passages and figures 
may apply as well. It is respectfully requested from the Applicant in preparing 
responses, to fully consider the references in their entirety as potentially teaching all or 
part of the claimed invention, as well as the context of the passage as taught by the 
prior art or disclosed by the Examiner. The entire reference is considered to provide 
disclosure relating to the claimed invention. 



Conclusion 

13. Claims 1-2 and 5-18 and 20, 23-24 stand rejected. Claims 19, 21 and 22 are 
objected. 
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14. Applicant's amendment necessitated the new ground(s) of rejection presented in 
this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP 
§ 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 
CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1 .136(a) will be calculated from the mailing date of 
the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the date of this final action. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to KALPANA BHARADWAJ whose telephone number is 
(571)270-1641 . The examiner can normally be reached on Monday-Friday 7:30am 5:00 
pm EST. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, David Vincent can be reached on (571 ) 272-3080. The fax phone number 
for the organization where this application or proceeding is assigned is 571-273-8300. 
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Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 



/Bharadwaj Kalpana/ 
Examiner, Art Unit 2129 

/David R Vincent/ 

Supervisory Patent Examiner, Art Unit 2129 



